MediaWiki  master
SpecialUnblock.php
Go to the documentation of this file.
1 <?php
29 class SpecialUnblock extends SpecialPage {
30 
31  protected $target;
32  protected $type;
33  protected $block;
34 
35  public function __construct() {
36  parent::__construct( 'Unblock', 'block' );
37  }
38 
39  public function doesWrites() {
40  return true;
41  }
42 
43  public function execute( $par ) {
44  $this->checkPermissions();
45  $this->checkReadOnly();
46 
47  list( $this->target, $this->type ) = SpecialBlock::getTargetAndType( $par, $this->getRequest() );
48  $this->block = Block::newFromTarget( $this->target );
49  if ( $this->target instanceof User ) {
50  # Set the 'relevant user' in the skin, so it displays links like Contributions,
51  # User logs, UserRights, etc.
52  $this->getSkin()->setRelevantUser( $this->target );
53  }
54 
55  $this->setHeaders();
56  $this->outputHeader();
57 
58  $out = $this->getOutput();
59  $out->setPageTitle( $this->msg( 'unblockip' ) );
60  $out->addModules( [ 'mediawiki.special', 'mediawiki.userSuggest' ] );
61 
62  $form = new HTMLForm( $this->getFields(), $this->getContext() );
63  $form->setWrapperLegendMsg( 'unblockip' );
64  $form->setSubmitCallback( [ __CLASS__, 'processUIUnblock' ] );
65  $form->setSubmitTextMsg( 'ipusubmit' );
66  $form->addPreText( $this->msg( 'unblockiptext' )->parseAsBlock() );
67 
68  if ( $form->show() ) {
69  switch ( $this->type ) {
70  case Block::TYPE_IP:
71  $out->addWikiMsg( 'unblocked-ip', wfEscapeWikiText( $this->target ) );
72  break;
73  case Block::TYPE_USER:
74  $out->addWikiMsg( 'unblocked', wfEscapeWikiText( $this->target ) );
75  break;
76  case Block::TYPE_RANGE:
77  $out->addWikiMsg( 'unblocked-range', wfEscapeWikiText( $this->target ) );
78  break;
79  case Block::TYPE_ID:
80  case Block::TYPE_AUTO:
81  $out->addWikiMsg( 'unblocked-id', wfEscapeWikiText( $this->target ) );
82  break;
83  }
84  }
85  }
86 
87  protected function getFields() {
88  $fields = [
89  'Target' => [
90  'type' => 'text',
91  'label-message' => 'ipaddressorusername',
92  'autofocus' => true,
93  'size' => '45',
94  'required' => true,
95  'cssclass' => 'mw-autocomplete-user', // used by mediawiki.userSuggest
96  ],
97  'Name' => [
98  'type' => 'info',
99  'label-message' => 'ipaddressorusername',
100  ],
101  'Reason' => [
102  'type' => 'text',
103  'label-message' => 'ipbreason',
104  ]
105  ];
106 
107  if ( $this->block instanceof Block ) {
108  list( $target, $type ) = $this->block->getTargetAndType();
109 
110  # Autoblocks are logged as "autoblock #123 because the IP was recently used by
111  # User:Foo, and we've just got any block, auto or not, that applies to a target
112  # the user has specified. Someone could be fishing to connect IPs to autoblocks,
113  # so don't show any distinction between unblocked IPs and autoblocked IPs
114  if ( $type == Block::TYPE_AUTO && $this->type == Block::TYPE_IP ) {
115  $fields['Target']['default'] = $this->target;
116  unset( $fields['Name'] );
117  } else {
118  $fields['Target']['default'] = $target;
119  $fields['Target']['type'] = 'hidden';
120  switch ( $type ) {
121  case Block::TYPE_IP:
122  $fields['Name']['default'] = Linker::linkKnown(
123  SpecialPage::getTitleFor( 'Contributions', $target->getName() ),
124  $target->getName()
125  );
126  $fields['Name']['raw'] = true;
127  break;
128  case Block::TYPE_USER:
129  $fields['Name']['default'] = Linker::link(
130  $target->getUserPage(),
131  $target->getName()
132  );
133  $fields['Name']['raw'] = true;
134  break;
135 
136  case Block::TYPE_RANGE:
137  $fields['Name']['default'] = $target;
138  break;
139 
140  case Block::TYPE_AUTO:
141  $fields['Name']['default'] = $this->block->getRedactedName();
142  $fields['Name']['raw'] = true;
143  # Don't expose the real target of the autoblock
144  $fields['Target']['default'] = "#{$this->target}";
145  break;
146  }
147  // target is hidden, so the reason is the first element
148  $fields['Target']['autofocus'] = false;
149  $fields['Reason']['autofocus'] = true;
150  }
151  } else {
152  $fields['Target']['default'] = $this->target;
153  unset( $fields['Name'] );
154  }
155 
156  return $fields;
157  }
158 
165  public static function processUIUnblock( array $data, HTMLForm $form ) {
166  return self::processUnblock( $data, $form->getContext() );
167  }
168 
180  public static function processUnblock( array $data, IContextSource $context ) {
181  $performer = $context->getUser();
182  $target = $data['Target'];
183  $block = Block::newFromTarget( $data['Target'] );
184 
185  if ( !$block instanceof Block ) {
186  return [ [ 'ipb_cant_unblock', $target ] ];
187  }
188 
189  # bug 15810: blocked admins should have limited access here. This
190  # won't allow sysops to remove autoblocks on themselves, but they
191  # should have ipblock-exempt anyway
193  if ( $status !== true ) {
194  throw new ErrorPageError( 'badaccess', $status );
195  }
196 
197  # If the specified IP is a single address, and the block is a range block, don't
198  # unblock the whole range.
200  if ( $block->getType() == Block::TYPE_RANGE && $type == Block::TYPE_IP ) {
201  $range = $block->getTarget();
202 
203  return [ [ 'ipb_blocked_as_range', $target, $range ] ];
204  }
205 
206  # If the name was hidden and the blocking user cannot hide
207  # names, then don't allow any block removals...
208  if ( !$performer->isAllowed( 'hideuser' ) && $block->mHideName ) {
209  return [ 'unblock-hideuser' ];
210  }
211 
212  # Delete block
213  if ( !$block->delete() ) {
214  return [ 'ipb_cant_unblock', htmlspecialchars( $block->getTarget() ) ];
215  }
216 
217  # Unset _deleted fields as needed
218  if ( $block->mHideName ) {
219  # Something is deeply FUBAR if this is not a User object, but who knows?
220  $id = $block->getTarget() instanceof User
221  ? $block->getTarget()->getId()
222  : User::idFromName( $block->getTarget() );
223 
224  RevisionDeleteUser::unsuppressUserName( $block->getTarget(), $id );
225  }
226 
227  # Redact the name (IP address) for autoblocks
228  if ( $block->getType() == Block::TYPE_AUTO ) {
229  $page = Title::makeTitle( NS_USER, '#' . $block->getId() );
230  } else {
231  $page = $block->getTarget() instanceof User
232  ? $block->getTarget()->getUserPage()
233  : Title::makeTitle( NS_USER, $block->getTarget() );
234  }
235 
236  # Make log entry
237  $logEntry = new ManualLogEntry( 'block', 'unblock' );
238  $logEntry->setTarget( $page );
239  $logEntry->setComment( $data['Reason'] );
240  $logEntry->setPerformer( $performer );
241  if ( isset( $data['Tags'] ) ) {
242  $logEntry->setTags( $data['Tags'] );
243  }
244  $logId = $logEntry->insert();
245  $logEntry->publish( $logId );
246 
247  return true;
248  }
249 
258  public function prefixSearchSubpages( $search, $limit, $offset ) {
259  $user = User::newFromName( $search );
260  if ( !$user ) {
261  // No prefix suggestion for invalid user
262  return [];
263  }
264  // Autocomplete subpage as user list - public to allow caching
265  return UserNamePrefixSearch::search( 'public', $search, $limit, $offset );
266  }
267 
268  protected function getGroupName() {
269  return 'users';
270  }
271 }
static newFromName($name, $validate= 'valid')
Static factory method for creation from username.
Definition: User.php:522
static checkUnblockSelf($user, User $performer)
bug 15810: blocked admins should not be able to block/unblock others, and probably shouldn't be able ...
static processUIUnblock(array $data, HTMLForm $form)
Submit callback for an HTMLForm object.
Interface for objects which can provide a MediaWiki context on request.
deferred txt A few of the database updates required by various functions here can be deferred until after the result page is displayed to the user For updating the view updating the linked to tables after a etc PHP does not yet have any way to tell the server to actually return and disconnect while still running these but it might have such a feature in the future We handle these by creating a deferred update object and putting those objects on a global list
Definition: deferred.txt:11
this hook is for auditing only or null if authentication failed before getting that far or null if we can t even determine that probably a stub it is not rendered in wiki pages or galleries in category pages allow injecting custom HTML after the section Any uses of the hook need to handle escaping see BaseTemplate::getToolbox and BaseTemplate::makeListItem for details on the format of individual items inside of this array or by returning and letting standard HTTP rendering take place modifiable or by returning false and taking over the output $out
Definition: hooks.txt:776
the array() calling protocol came about after MediaWiki 1.4rc1.
$context
Definition: load.php:43
getContext()
Gets the context this SpecialPage is executed in.
const TYPE_RANGE
Definition: Block.php:77
static getTitleFor($name, $subpage=false, $fragment= '')
Get a localised Title object for a specified special page name.
Definition: SpecialPage.php:80
static unsuppressUserName($name, $userId, $dbw=null)
const TYPE_IP
Definition: Block.php:76
msg()
Wrapper around wfMessage that sets the current context.
getOutput()
Get the OutputPage being used for this instance.
outputHeader($summaryMessageKey= '')
Outputs a summary message on top of special pages Per default the message key is the canonical name o...
The User object encapsulates all of the user-specific settings (user_id, name, rights, email address, options, last login time).
Definition: User.php:47
getUser()
Get the User object.
Parent class for all special pages.
Definition: SpecialPage.php:36
wfEscapeWikiText($text)
Escapes the given text so that it may be output using addWikiText() without any linking, formatting, etc.
An error page which can definitely be safely rendered using the OutputPage.
static newFromTarget($specificTarget, $vagueTarget=null, $fromMaster=false)
Given a target and the target's type, get an existing Block object if possible.
Definition: Block.php:1057
static search($audience, $search, $limit, $offset=0)
Do a prefix search of user names and return a list of matching user names.
getContext()
Get the base IContextSource object.
getSkin()
Shortcut to get the skin being used for this instance.
setHeaders()
Sets headers - this should be called from the execute() method of all derived classes! ...
Object handling generic submission, CSRF protection, layout and other logic for UI forms...
Definition: HTMLForm.php:128
static linkKnown($target, $html=null, $customAttribs=[], $query=[], $options=[ 'known'])
Identical to link(), except $options defaults to 'known'.
Definition: Linker.php:255
const TYPE_ID
Definition: Block.php:79
static processUnblock(array $data, IContextSource $context)
Process the form.
const TYPE_AUTO
Definition: Block.php:78
please add to it if you re going to add events to the MediaWiki code where normally authentication against an external auth plugin would be creating a local account $user
Definition: hooks.txt:242
static link($target, $html=null, $customAttribs=[], $query=[], $options=[])
This function returns an HTML link to the given target.
Definition: Linker.php:203
A special page for unblocking users.
prefixSearchSubpages($search, $limit, $offset)
Return an array of subpages beginning with $search that this special page will accept.
injection txt This is an overview of how MediaWiki makes use of dependency injection The design described here grew from the discussion of RFC T384 The term dependency this means that anything an object needs to operate should be injected from the the object itself should only know narrow no concrete implementation of the logic it relies on The requirement to inject everything typically results in an architecture that based on two main types of and essentially stateless service objects that use other service objects to operate on the value objects As of the beginning MediaWiki is only starting to use the DI approach Much of the code still relies on global state or direct resulting in a highly cyclical dependency which acts as the top level factory for services in MediaWiki which can be used to gain access to default instances of various services MediaWikiServices however also allows new services to be defined and default services to be redefined Services are defined or redefined by providing a callback the instantiator that will return a new instance of the service When it will create an instance of MediaWikiServices and populate it with the services defined in the files listed by thereby bootstrapping the DI framework Per $wgServiceWiringFiles lists includes ServiceWiring php
Definition: injection.txt:35
This document describes the state of Postgres support in and is fairly well maintained The main code is very well while extensions are very hit and miss it is probably the most supported database after MySQL Much of the work in making MediaWiki database agnostic came about through the work of creating Postgres as and are nearing end of but without copying over all the usage comments General notes on the but these can almost always be programmed around *Although Postgres has a true BOOLEAN type
Definition: postgres.txt:22
Class for creating log entries manually, to inject them into the database.
Definition: LogEntry.php:394
static idFromName($name, $flags=self::READ_NORMAL)
Get database id given a user name.
Definition: User.php:764
this hook is for auditing only RecentChangesLinked and Watchlist RecentChangesLinked and Watchlist e g Watchlist removed from all revisions and log entries to which it was applied This gives extensions a chance to take it off their books as the deletion has already been partly carried out by this point or something similar the user will be unable to create the tag set and then return false from the hook function Ensure you consume the ChangeTagAfterDelete hook to carry out custom deletion actions as context called by AbstractContent::getParserOutput May be used to override the normal model specific rendering of page content as context as context the output can only depend on parameters provided to this hook not on global state indicating whether full HTML should be generated If generation of HTML may be but other information should still be present in the ParserOutput object to manipulate or replace but no entry for that model exists in $wgContentHandlers if desired whether it is OK to use $contentModel on $title Handler functions that modify $ok should generally return false to prevent further hooks from further modifying $ok inclusive $limit
Definition: hooks.txt:1020
const TYPE_USER
Definition: Block.php:75
this hook is for auditing only RecentChangesLinked and Watchlist RecentChangesLinked and Watchlist e g Watchlist removed from all revisions and log entries to which it was applied This gives extensions a chance to take it off their books as the deletion has already been partly carried out by this point or something similar the user will be unable to create the tag set $status
Definition: hooks.txt:1020
checkPermissions()
Checks if userCanExecute, and if not throws a PermissionsError.
getRequest()
Get the WebRequest being used for this instance.
static getTargetAndType($par, WebRequest $request=null)
Determine the target of the block, and the type of target.
checkReadOnly()
If the wiki is currently in readonly mode, throws a ReadOnlyError.
Definition: Block.php:22
static makeTitle($ns, $title, $fragment= '', $interwiki= '')
Create a new Title from a namespace index and a DB key.
Definition: Title.php:503
this hook is for auditing only etc instead of letting the login form give the generic error message that the account does not exist For when the account has been renamed or deleted or an array to pass a message key and parameters block
Definition: hooks.txt:1994
do that in ParserLimitReportFormat instead use this to modify the parameters of the image and a DIV can begin in one section and end in another Make sure your code can handle that case gracefully See the EditSectionClearerLink extension for an example zero but section is usually empty its values are the globals values before the output is cached $page
Definition: hooks.txt:2376